38 lines
1.4 KiB
YAML
38 lines
1.4 KiB
YAML
version: "3.5"
|
|
|
|
services:
|
|
heimdall:
|
|
image: lscr.io/linuxserver/heimdall:latest
|
|
container_name: heimdall
|
|
restart: unless-stopped
|
|
networks:
|
|
bw-services:
|
|
aliases:
|
|
- heimdall
|
|
environment:
|
|
- PUID=${PUID}
|
|
- PGID=${PGID}
|
|
- TZ=${TZ}
|
|
volumes:
|
|
- ./config:/config
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
labels:
|
|
- "bunkerweb.SERVER_NAME=example.com"
|
|
- "bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|DELETE|PUT"
|
|
- "bunkerweb.USE_REVERSE_PROXY=yes"
|
|
- "bunkerweb.REVERSE_PROXY_URL=/"
|
|
- "bunkerweb.REVERSE_PROXY_HOST=http://heimdall"
|
|
- "bunkerweb.LIMIT_REQ_RATE=10r/s"
|
|
- "bunkerweb.REVERSE_PROXY_AUTH_REQUEST=/authelia"
|
|
- "bunkerweb.REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=https://auth.example.com/?rd=$$scheme%3A%2F%2F$$host$$request_uri"
|
|
- "bunkerweb.REVERSE_PROXY_AUTH_REQUEST_SET=$$user $$upstream_http_remote_user;$$groups $$upstream_http_remote_groups;$$name $$upstream_http_remote_name;$$email $$upstream_http_remote_email"
|
|
- "bunkerweb.REVERSE_PROXY_HEADERS=Remote-User $$user;Remote-Groups $$groups;Remote-Name $$name;Remote-Email $$email"
|
|
- "bunkerweb.REVERSE_PROXY_URL_999=/authelia"
|
|
- "bunkerweb.REVERSE_PROXY_HOST_999=http://authelia:9091/api/verify"
|
|
- 'bunkerweb.REVERSE_PROXY_HEADERS_999=X-Original-URL $$scheme://$$http_host$$request_uri;Content-Length ""'
|
|
|
|
networks:
|
|
bw-services:
|
|
name: bw-services
|